package com.nj.dms.controller;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.nj.dms.bean.User;
import com.nj.dms.dao.UserDao;
import com.nj.dms.dao.impl.UserDaoImpl;

/**
 * 登录控制器，用户输入的数据正确根据用户类型进入相应的界面，信息错误提示用户重新登录
 * 
 * @author Administrator
 *
 */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		this.doPost(req, resp);
	}

	@Override
	protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		String sucPath = "index.jsp"; // 登录成功进入的主页地址
		String loginEroPath = "login/login.jsp"; // 登录失败进入的重新登录地址

		// 调用HttpServletRequest对象接受表单数据
		// 接受表单输入的用户名和密码
		int type = new Integer(req.getParameter("type"));
		String userName = req.getParameter("userName");
		String password = req.getParameter("password");
		// 接受表单输入的用户验证码
		String verificationCode_b = req.getParameter("verificationCode");

		// 保存属性到请求范围，用于用户输入错误信息时纠正
		req.setAttribute("type", type);
		req.setAttribute("userName", userName);
		req.setAttribute("password", password);

		// 获取session范围的属性randomCode的值
		String verificationCode_s = (String) req.getSession().getAttribute("randomCode");

		// 进行合法性验证处理
		boolean flag = true;
		if (type != 1 && type != 2) {
			flag = false;
			req.setAttribute("typeErr", "请选择用户类型");
		}
		if (userName == null || "".equals(userName)) {
			flag = false;
			req.setAttribute("userNameErr", "用户名不能为空");
		}
		if (password == null || "".equals(password)) {
			flag = false;
			req.setAttribute("pwdErr", "密码不能为空");
		}
		// 输入的验证码和系统自动生成的验证码进行比较
		// if (!yzm.equals(yzm1)) {//区分大小写
		if (!verificationCode_b.equalsIgnoreCase(verificationCode_s)) {// 不区分大小写
			flag = false;
			req.setAttribute("verificationCodeErr", "验证码输入错误");

		}

		// 用户名密码通过验证
		if (flag) {

			// 实例化User对象 user
			User user = new User();
			// 将客户端输入的用户信息写入user对象
			user.setType(type);
			user.setUserName(userName);
			user.setPassword(password);

			// 调用类型为UserDao的实例对象userDao的findLogin(user)方法验证用户是否存在
			// 如果存在则返回为真
			UserDao userDao = new UserDaoImpl();

			if (userDao.findUserByLogin(user)) {
				// 返回为 true 表明用户信息正确

				HttpSession session = req.getSession();
				session.setAttribute("type", user.getType());
				session.setAttribute("userName", user.getUserName());
				session.setAttribute("name", user.getName());

				resp.sendRedirect(sucPath);

			} else {

				// 返回为 false 表明用户不存在

				req.setAttribute("pwdErr", "用户名或密码输入错误");

				req.getRequestDispatcher(loginEroPath).forward(req, resp);
			}
		} else {

			req.getRequestDispatcher(loginEroPath).forward(req, resp);
		}
	}
}